
Re: chrooting a program not designed to be chrooted



On Thu, Jan 23, 2003 at 07:17:09PM -0000, Dom De Vitto wrote:
> Ted,
> If you go back to basics being root just to bind to <1024 is daft.
> 
> Just bind to a non-priv port, as a non-priv user in a chroot jail,
> then NAT traffic to the priv port to the unpriv one & vice versa.

no, bind to the port before you chroot & drop privs.

-- 
http://2suck.net/hhwl.html
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)
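
The ordering given in the reply (bind while still root, then chroot, then drop privileges), as an added C example that is not part of the original thread. The jail path `/var/empty`, uid/gid 65534 and the function names are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE 1
#include <arpa/inet.h>
#include <grp.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/* Step 1: create the listening socket (needs root only when port < 1024). */
int bind_listener(unsigned short port) {
    struct sockaddr_in a = {0};
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    a.sin_family = AF_INET;
    a.sin_addr.s_addr = htonl(INADDR_ANY);
    a.sin_port = htons(port);
    if (bind(fd, (struct sockaddr *)&a, sizeof a) < 0 || listen(fd, 16) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Port the socket is actually bound to, or -1 on error. */
int bound_port(int fd) {
    struct sockaddr_in a;
    socklen_t n = sizeof a;
    if (getsockname(fd, (struct sockaddr *)&a, &n) < 0) return -1;
    return ntohs(a.sin_port);
}

/* Step 2: enter the jail, then give up root for good. Order matters:
 * chroot needs root, supplementary groups and gid go before the uid. */
int jail_and_drop(const char *jail, uid_t uid, gid_t gid) {
    if (chroot(jail) < 0 || chdir("/") < 0) return -1;
    if (setgroups(0, NULL) < 0 || setgid(gid) < 0 || setuid(uid) < 0) return -1;
    if (setuid(0) == 0) return -1;   /* root must not be recoverable */
    return 0;
}

int main(void) {
    int fd = bind_listener(80);      /* still root at this point */
    if (fd < 0) { perror("bind_listener"); return 1; }
    if (jail_and_drop("/var/empty", 65534, 65534) < 0) { /* assumed jail and ids */
        perror("jail_and_drop"); return 1;
    }
    printf("port %d, uid %d\n", bound_port(fd), (int)getuid()); /* accept() loop goes here */
    return 0;
}
```

The descriptor opened before `chroot()` remains valid inside the jail, so the process needs no root privileges after `jail_and_drop()` returns.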